| VID |
26447 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The Hotfix (971032) for 'Null Pointer Vulnerability in MSMQ' has not been applied. An elevation of privilege vulnerability exists in the Windows Message Queuing service (MSMQ) due to a specific flaw in the parsing of an IOCTL request to the Message Queuing service. The MSMQ service improperly checks input data before passing them to the buffer. An attacker who successfully exploited this vulnerability could execute arbitrary code and take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
By default, the Message Queuing component is not installed on any affected operating system edition and can only be enabled by a user with administrative privileges. Only customers who manually enable the Message Queuing component are likely to be vulnerable to this issue
* Note: This check requires an account with Guest or upper privileges which can access the registry of the remote host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://www.microsoft.com/technet/security/bulletin/MS09-040.mspx
* Platforms Affected:
Microsoft Windows 2000 SP 4
Microsoft Windows XP SP 2
Windows Server 2003 SP2
Windows Vista |
| Recommendation |
Apply the appropriate patch (971032) for your system, as listed in Microsoft Security Bulletin MS09-040 at http://www.microsoft.com/technet/security/bulletin/ms09-040.mspx
-- OR --
Patches for Windows platforms are also available from the Microsoft Windows Update Web site, http://windowsupdate.microsoft.com . Windows Update detects what version of Windows you are running and offers the appropriate patch. |
| Related URL |
CVE-2009-1923,CVE-2009-1924 (CVE) |
| Related URL |
35980,35981 (SecurityFocus) |
| Related URL |
(ISS) |
|
